Splunk announced that it will no longer be selling its services to Russian companies. There will be no direct sales or via partners. This also includes companies whose headquarters is situated in Russia. However, they will continue to provide support for existing accounts/services. But, any renewals or expansion of accounts will not be entertained.
Security researcher @SwiftOnSecurity spotted this first.
Breaking: InfoSec SEIM vendor @splunk ends all business relationships with organizations in Russia https://t.co/0tFBmveqRF
— SwiftOnSecurity (@SwiftOnSecurity) February 19, 2019
Some users are encouraging the act and also suggesting this be done in China:
Now do China.
— David G (@Primed_Mover) February 19, 2019
They plan to continue services globally with this exception. The announcement on the Splunk website explains that this decision is effective for:
“…opportunities with technical partners, resellers, distributors and vendors. It also applies to business with subsidiaries based in countries outside of Russia whose parent company is in Russia, or who would use the software or services within the territory.”
Splunk is a business intelligence tool with a web UI. They also provide Security information and event management. It’s not very clear as to why they decided to drop support for Russia. Malicious cyber crimes like disinformation propaganda and hacks have been traced back to Russia in the past. Perhaps Splunk does not want to be linked to such activities or actors.
Splunk leverages AI in its monitoring tools
Splunk introduces machine learning capabilities in Splunk Enterprise and Splunk Cloud